Blog

The difference between your “cloud” and cloud hosting

How your QuickBooks is hosted determines if the data it holds is actually safe. Learn how to keep it protected, whether your solution is in-house or through a provider.

minute read

Last Updated May 15, 2024

man looking at QuickBooks cloud server hosting

Share

Cloud servers, cloud-based web hosting services, private cloud, public cloud, hybrid cloud—the hodgepodge of hosting language that often confuses all. But which one is right for you? Which hosted option offers the right network for your accounting software? And really…is there any difference when it comes to hosting QuickBooks?

In this post, Jeff Siegel (owner of Siegel Solutions) will help walk us through:

  • Exactly why you should care where your information is stored.
  • The difference between a home-grown, self-managed cloud solution and hosting from a provider.
  • How to keep QuickBooks secure no matter how it’s hosted.

Security is a selling point

Accounting professionals tend to have two major concerns when it comes to securing their QuickBooks:

  • Will I, or will my clients, ever lose access to QuickBooks data?
  • Could personally identifiable information (PII) be taken from my QuickBooks data?

Not only should you be able to answer those questions for your accounting firm, but you should also be able to share exactly how you’re securing client data with that client upfront.

In today’s ruthless, uber-connected landscape, security is a selling point.

If you use a cloud provider, they’ll be able to give you the exact safeguards put in place to ensure numbers one and two are “no.” If your cloud solution is home-grown and in-office… you’re probably shrugging, “Who knows?”

Here’s Siegel’s take on home-grown, accounting-firm-managed, in-office servers:

“Many people claim their data is “in the cloud [and therefore safe].” The fact of the matter is: their data is sitting on a physical server in a physical location that is accessed through an internet connection.”

Few safeguards are put in place to protect that physical server from accidental damage or malicious hackers, if any. Accounting firms simply don’t have the time or resources to give their servers the security measures they require.

Why hackers target on-premises servers

If you work at an accounting firm, you’re bound to be using one of the following desktop solutions:

…and because these robust programs require a lot of processing power and storage capacity, they’re likely stored on a server in your office rather than directly on your desktop computer.

These self-managed server solutions are hackers’ favorite targets because:

  • It’s assumed these solutions aren’t as secure.
  • More and more applications (not just QuickBooks) are hosted on these servers. More applications = more information = more black market earning potential.

“It’s logical to assume that data that is being compromised is “in the cloud” at a cloud provider, but in reality, much of this data is actually being hacked from on-premises servers that do not have the security a cloud provider would have.” Jeff Siegel, Siegel Solutions

Jeff said it best: it’s completely plausible to assume data outside of your physical reach is less secure. But today, that’s simply not true.

Your cloud vs. QuickBooks cloud hosting

Using data from conversations, consultations and accounting firm walkthroughs, let’s take a look at how a typical firm’s server compares to a cloud hosting provider’s:

Firm-operated server Cloud hosting provider server
Physical damage can occur more easily due to access to the hardware by employees, contractors and other professionals in the office environment. Servers are located in locked-down, access and climate-controlled facilities with security cameras and security guards protecting them 24/7.
Firewalls, either hardware or software, aren’t continually updated and are expensive to monitor. Run ongoing backups that go back months if the need arises to bring back data.
A true backup policy and procedure may not be in place, or redundant hardware may not be in place to ensure continual access in the event of an issue. Data on one server is backed up on another in another, just-as-secure location.
Security breaches may not be detected. Servers are patched and updated continuously, keeping them secure from vulnerabilities.
Permissions, in many cases, allow access to critical server components or directories where files are shared. Technology is constantly updated, helping with security, speed and access.
There is no dedicated personnel to ensure the security of the server is monitored. Software is in place to monitor any potential virus threats or downloads.
Ports to the internet are left open or are opened for certain software, allowing for security breaches; viruses can be accidentally downloaded by employees. Full-time personnel monitor the environment, test applications on the environment for any security lapses and support the end users.

Local server ≠ secure server

Here’s Jeff:

“Let’s not be fooled into thinking that if the data is local, it is secure…Accounting professionals and their clients should be focused on growing and managing their businesses and not on trying to protect their data in their local environment.”

In closing, here are a few of Jeff’s best tips for keeping your QuickBooks (and other accounting and tax software) secure, no matter how it’s hosted:

“Whether your QuickBooks data is in the cloud or on your local servers, here are some tips for keeping your data safe:

  • Use complex passwords and change them frequently.
  • Do not open email attachments sent to you from unknown sources.
  • Back up your data locally and offsite.
  • Use cloud services that encrypt your data.
  • Install antivirus software.
  • If possible, hire certified security professionals to test the sophistication of your data protection.
  • Limit access to your data to only the people that need it.
  • Store sensitive data with a trusted, secure hosting provider.

For more information about security, QuickBooks and cloud hosting, subscribe to our blog today.

Subscribe to our blog

Get Rightworks articles delivered straight to your inbox.
Privacy(Required)